Posted by CmdrTaco on Thursday September 02, 2010 @11:09AM from the out-of-the-bag dept.

tlhIngan writes "Despite all the lawsuits and injunctions by Sony to keep the PS3 Jailbreak out of modders' hands, it appears that a third party has made a clone. The best part is, it only requires a cheap (approximately $40) development board by Atmel, and the requisite software is open-source. Get the Atmel code from GitHub and apply a small patch which will enable backup play (the code by itself only lets you run unsigned code, the patch allows for BD backups). The code is GPLv3. It would be highly ironic if someone ported this to Linux USB Gadgets, then you could use a Linux device to jailbreak your PS3, from which Sony removed Linux functionality. An Android phone would be suitable."

I never quite understood that "If only they'd allowed homebrew, none of this* would have happened!" reasoning.

After all, you can certainly run homebrew on a PC, but this* still happens.

In addition, you -could- run homebrew on the PS3. You didn't get access to the BD, you didn't get full access to the graphics bits and pieces, but you could run homebrew. Apparently that wasn't enough for some, somebody decided to poke at the hypervisor to gain access to these resources, and once they started succeeding a bit, OtherOS was nixed on the older models as well, citing 'security concerns'.

*"this"?

Get the Atmel code from GitHub [which] by itself [...] lets you run unsigned code

Seems like homebrew and linux were possible right there and then...

and apply a small patch which will enable backup play

Right. Backups. I guess that's really what "this" is.

Sounds rather threatening. Open your platform to homebrew, without restriction, or else we'll open it for you - and make it stupid-simple for this* to happen as a(n un)fortunate 'side-effect'.

That out of the way.. I'm looking forward to an actual thriving homebrew scene for the PS3, with lots of indie developers making the games for PS3 they always wanted to but never had the funds to become a licensed developer, and didn't have the access they needed to develop their envisioned games.

No one was affected by that silly rootkit, whereas billions of dollars and millions of hours are wasted each year fighting spam, virii, trojans, worms and malware. All because Microsoft refuse to fix their never-ending stream of shitty insecure OSes and applications. If your "friend in IT" is real, he's spent 99% more time fighting this crap than someone that inserted a particular music CD into their PC.

You'll note no significant movement was ever made on a working modchip. PS3 remained pretty much hack-free... until Sony disabled OtherOS.

geohot's glitch - for it was a glitch attack, requiring hardware intervention, and a fair pile of luck for things not to crash - was specifically targeted at the OtherOS hypervisor, only worked in OtherOS, and was simply trying to get more hardware access, but it would never have gotten you complete access (for a start, by the time you're in OtherOS, the SPU in security mode is latched off the bus, I understand, although I never got the opportunity to check personally).

Sony (characteristically, some might say) totally overreacted in the worst possible way - geohot's glitch was really not a useful exploit! - but by taking everyone's toys away, and specifically by causing a problem to a lot of security researchers who used PS3 clusters for all kinds of research (including cryptographic research, for example the MD5/SHA-1 collisions) and who could now only get replacements from eBay praying they're not updated... they made a lot of people suddenly very interested and determined to crack it, and maybe those with clusters would be equally interested in something like this, perhaps even willing to fund research? *shrug* Merely idle speculation...

So, yeah. A fairly tight architecture it is, but start annoying security researchers with the resources to decap or fab chips, let alone dump firmware and look for bugs, and you've got to expect some kind of robust response - although where it really came from originally, we may never know, and what else they have in store for the future, it's hard to tell.

It's a cute little heap overflow in the USB controller; a nice little puppy-pile of (it appears, uncleanly nested) USB hellos and goodbyes to fill the heap, and a shellcode dump for the last one. Fixable in a firmware update, yes - and PSN-bannable (even brickable, if Sony are that hardcore) if used as is, as PS3s log what applications/games you run and send that info to Sony as part of DNAS authentication (at least, they do in unmodified DNAS; it's no longer foolproof) - but this is the tip of the iceberg I'm sure - when Sony fix this, I don't doubt another bug will be found in short order, maybe a software-only one (the PS3 parses enough formats that there's basically got to be something). The arms race has officially begun.

It's correctly named, too; this is really a 'jailbreak' in exactly the same sense as used on the iPhone for example, not some modchip to let people play copied games or anything (in fact, I don't believe it can... yet).

If you're a consumer you're almost certainly doing this. Unless you bought your home outright, only shop at local farmer's markets, sew your own clothes, and don't purchase any entertainment to speak of.

I own a PS3 and I'll be looking into this specifically for this feature. Fuck backups. And fuck piracy too. I don't mind paying for games, but after paying for a console with a hard disk in it, and waiting ten minutes for each game to "install" itself, I seriously resent having to get my ass off of the couch to switch games.

Come on Sony. I've paid for the system, I've paid for the game. Stop being such fuckwits and let me use what I've already paid for.

I can't say that I have noticed many Sony fans or even Sony apologists. So either they choose not to speak up or there are a lot of people who prioritize games over good character or good sense.

I like their TVs and the PS3, but I'm not exactly a fanboy. I don't think their business practices are much different than any of the giants'. I thought the rootkit scandal was embarrassing, but I don't get why MS got out of that mess so easily, while Sony became marked for life. I tried to question an anti-Sony rant here one time before, but got modded to hell (even though it turned out I was right), so at least I am very careful when trying to defend Sony.